CVE-2020-6245
6.5
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Summary
SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Business Objects Business Intelligence Platform | < 4.2 | affected |
Weaknesses
- CWE-99: CWE-99
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222
- https://launchpad.support.sap.com/#/notes/2828558
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=545396222
- https://launchpad.support.sap.com/#/notes/2828558
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.